Resources
Learn about CYREBRO’s platform, technology, and capabilities, read about industry insights, watch webinars with cyber experts, and much more in the resources below.
-
Threat Intelligence
3CX Desktop App Was Compromised in a Supply Chain Attack
March 30, 2023: Several security firms have recently discovered unexpected malicious activity emanating from the legitimate, signed binary, softphone application 3CXDesktopApp from 3CX. Malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and in a few cases, hands-on-keyboard activity. This supply chain attack…
-
Threat Intelligence
QNAP Patches High-Severity Vulnerability Exists In The Wild
March 30, 2023: QNAP has issued a warning to consumers that some of its Network Attached Storage (NAS) devices are vulnerable to a high-severity privilege escalation vulnerability. The Vulnerability: CVE-2023-22809 (CVSS 3.1: 7.8, High-severity) – Privilege escalation vulnerability (sudoers policy bypass) in Sudo version 1.9.12p1. Successful exploitation on…
-
Threat Intelligence
Aruba Networks fixes 6 critical vulnerabilities in ArubaOS
March 2, 2023: Aruba Networks issued a security advisory regarding six critical-severity vulnerabilities affecting multiple versions of ArubaOS, its proprietary network operating system. Aruba’s critical vulnerabilities are divided into two categories: command injection vulnerabilities and stack-based buffer vulnerabilities in the PAPI protocol (Aruba Networks access point management…
-
Threat Intelligence
Cisco Patches Critical Web UI RCE Vulnerability in Multiple IP Phones
March 2, 2023: Cisco has patched a critical security vulnerability discovered in the Web UI of several IP Phone models, which unauthenticated and remote threat actors can exploit in remote code execution (RCE) attacks. The RCE Vulnerability: CVE-2023-20078 (CVSS score: 9.8) – A vulnerability…
-
Threat Intelligence
Remove AV Exclusions for Microsoft’s Exchange
February 27, 2023: Microsoft’s Exchange Team recommends removing specific folder and process exclusions from the file-level Antivirus (AV) scanner. The Issue: Keeping the exclusions may prevent detection of Internet Information Services (IIS) webshells and backdoor modules. Threat actors might exploit malicious IIS web server…
-
Threat Intelligence
HP Patches 4 TOCTOU Vulnerabilities in PC’s BIOS.
February 23, 2023: HP recently discovered potential Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities in their PC’s BIOS. The Vulnerabilities: CVE-2022-27539, CVE-2022-27541, CVE-2022-43777, CVE-2022-43778 (CVSS 3.1 score: 7.8, High) – A threat actor may carry out remote code execution (RCE), denial of service (DoS), and information disclosure operations. Affected…
-
Threat Intelligence
Apple Patches Actively Exploited 0-Day Vulnerability in MacOS & Safari
February 14, 2023: Apple has released an emergency update patching an actively exploited 0-day RCE vulnerability, which allows a malicious actor to perform remote code execution (RCE) with kernel privileges. The Zero-Day Vulnerability: CVE-2023-23529 (Critical) – Type-confusion vulnerability in WebKit that could be exploited to trigger OS crashes…
-
Threat Intelligence
QNAP Patches Critical Vulnerability
February 2, 2023: QNAP has patched a critical vulnerability affecting its network-attached storage (NAS) devices which could allow a threat actor to perform remote code injection (RCE). The Vulnerability: CVE-2022-27596 (CVSS 3.1: 9.8, Critical) – SQL injection vulnerability which allows a remote threat actor to inject malicious code and allow access to…
-
Threat Intelligence
KeePass Vulnerability Allows to Obtain Cleartext Passwords
February 2, 2023: A new vulnerability was found in KeePass Password Manager allowing threat actors with write access to a target’s system to modify the XML configuration file and inject a malicious trigger that would export the database, including all usernames and passwords in cleartext. The Vulnerability: CVE-2023-24055,…
-
Threat Intelligence
Jenkins patches 9 high-severity Vulnerabilities in 22 Plugins
January 25, 2023: The Jenkins security team has reported 38 vulnerabilities (29 of them rated high-severity) affecting 22 Jenkins plugins. Successful exploitation of the vulnerabilities may lead to sandbox bypass, administrator access to Jenkins, and more. The Vulnerabilities & Affected Plugins: A full list of the vulnerabilities…
-
Threat Intelligence
Critical WordPress “LearnPress” Plugin Vulnerabilities
January 25, 2023: Multiple critical-severity WordPress vulnerabilities, including pre-auth SQL injection and local file inclusion, were discovered by security researchers in the “LearnPress” plugin for WordPress online courses. The Critical Vulnerabilities: CVE-2022-45808 (CVSS 3.1: 9.9, Critical) – An SQL injection vulnerability that might allow a malicious actor to directly interact with…
-
Threat Intelligence
Google Patches Chrome Vulnerabilities, 2 Critical RCEs
January 25, 2023: Google has released Chrome version 109.0.5414.119/120 for Mac, Linux, and Windows, patching 2 RCE vulnerabilities. Successful exploitation might lead to remote code execution (RCE). The RCE Vulnerabilities: CVE-2023-0471, High-Severity – Use-after-free vulnerability in WebTransport. CVE-2023-0472, High-Severity – Use-after-free vulnerability in…